n8n-security-testing

Automated security scanning for n8n workflows: detects credential exposure, validates OAuth flows, tests API key management, and checks data sanitization.

Introduction

The n8n-security-testing skill provides a comprehensive security auditing framework for your n8n workflow environment. Designed for DevOps engineers, QA specialists, and automation developers, this skill enables the proactive identification of security vulnerabilities within low-code orchestration logic. It integrates directly into your existing development lifecycle, allowing you to treat workflow security with the same rigor as traditional application code.

  • Automated Credential Scanning: Uses pattern matching to detect exposed API keys, bearer tokens, JWTs, AWS credentials, and plaintext secrets directly within workflow JSON exports.

  • Encryption Verification: Analyzes credential storage mechanisms, verifying whether sensitive data at rest is correctly encrypted using secure algorithms, key derivation, and instance-level encryption keys.

  • OAuth Lifecycle Management: Systematically tests OAuth token handling, including the ability to trigger and validate automated token refresh processes and identify stale or expired connections.

  • Data Sanitization and Injection Protection: Checks for potential expression injection vulnerabilities and verifies that input data is sanitized, to prevent downstream risks in webhook and integration nodes.

  • Webhook and Transmission Security: Evaluates webhook configurations to confirm that authentication is properly enabled and ensures data is handled according to secure transmission standards.

  • Target inputs include individual workflow IDs or exported workflow JSON structures; outputs consist of detailed findings reports including severity levels, specific locations, and actionable remediation recommendations.

  • Designed for use in CI/CD pipelines to ensure that workflow modifications do not inadvertently introduce credentials into version control or logging systems.

  • Adheres to the principle of least privilege, ensuring the scanner only accesses necessary metadata and configuration without requiring access to production-sensitive secret values.

  • Supports standard n8n credential formats; alerts on patterns such as AWS Access Keys, Slack tokens, and generic API keys found in hardcoded string fields.

  • Recommended for periodic security audits and as a mandatory quality gate for automated deployments of workflow definitions.
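To make the credential-scanning and webhook-authentication checks above concrete, here is an added example written for this page; it is not the n8n-security-testing project's own code. It walks an exported n8n workflow JSON, skips values that are n8n expressions (the correct way to reference `$credentials` or `$env`), flags literals that match well-known token formats or sit in secret-bearing fields, and reports Webhook trigger nodes that accept unauthenticated requests. The sample workflow is constructed, and the Webhook node's `authentication` parameter name and its `none` default are assumptions about the export format.

```python
"""Scan an exported n8n workflow JSON for hardcoded credentials and
unauthenticated webhook triggers. Example code for this page, not the
n8n-security-testing project's implementation."""
import json
import re
from dataclasses import dataclass
from typing import Any, Iterator

# Well-known credential formats; a match inside a literal string is a finding.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "slack_token": re.compile(r"\bxox[abpr]-[0-9A-Za-z-]{10,}\b"),
    "jwt": re.compile(r"\beyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\b"),
    "bearer_token": re.compile(r"\bBearer\s+[A-Za-z0-9._~+/=-]{16,}"),
}
# Field names that normally hold secrets; a literal here is reported even when
# it matches none of the formats above.
SENSITIVE_FIELD = re.compile(r"api[_-]?key|secret|token|password|passwd", re.I)


@dataclass(frozen=True)
class Finding:
    severity: str   # "high" or "medium"
    rule: str
    location: str   # dotted path into the workflow JSON
    message: str


def is_expression(value: str) -> bool:
    """n8n stores expressions as strings starting with '=' and containing {{ }}.
    {{ $credentials.x }} / {{ $env.X }} are the right way to supply secrets,
    so expression values are never treated as hardcoded."""
    return value.startswith("=") and "{{" in value


def walk(obj: Any, path: str) -> Iterator[tuple[str, str]]:
    """Yield (path, value) for every string leaf under a node's parameters."""
    if isinstance(obj, dict):
        # Header/query lists are exported as {"name": ..., "value": ...} pairs;
        # use the pair's name as the field label so "api_key" is recognised.
        if isinstance(obj.get("name"), str) and isinstance(obj.get("value"), str):
            yield f"{path}.{obj['name']}", obj["value"]
            return
        for key, val in obj.items():
            yield from walk(val, f"{path}.{key}")
    elif isinstance(obj, list):
        for idx, val in enumerate(obj):
            yield from walk(val, f"{path}[{idx}]")
    elif isinstance(obj, str):
        yield path, obj


def scan_workflow(workflow: dict) -> list[Finding]:
    findings: list[Finding] = []
    for node in workflow.get("nodes", []):
        name = node.get("name", "<unnamed>")
        params = node.get("parameters", {})
        for path, value in walk(params, f"nodes[{name}].parameters"):
            if is_expression(value):
                continue
            matched = False
            for rule, pattern in SECRET_PATTERNS.items():
                if pattern.search(value):
                    matched = True
                    findings.append(Finding("high", rule, path,
                                            "literal matches a known credential format"))
            field = path.rsplit(".", 1)[-1]
            if not matched and SENSITIVE_FIELD.search(field) and len(value) >= 8:
                findings.append(Finding("medium", "literal_in_sensitive_field", path,
                                        "secret-bearing field holds a literal, not an expression"))
        # Assumption: the Webhook node's 'authentication' parameter defaults to
        # "none" and the default is omitted from exports, so a missing key = no auth.
        if (node.get("type") == "n8n-nodes-base.webhook"
                and params.get("authentication", "none") == "none"):
            findings.append(Finding("medium", "webhook_without_auth", f"nodes[{name}]",
                                    "webhook trigger accepts unauthenticated requests"))
    return findings


def scan_workflow_json(text: str) -> list[Finding]:
    """Entry point for a raw export file: parse, then scan."""
    return scan_workflow(json.loads(text))


def summarize(findings: list[Finding]) -> dict[str, int]:
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.severity] = counts.get(f.severity, 0) + 1
    return counts


# Constructed sample export (not a real workflow); all secret values are placeholders.
SAMPLE_WORKFLOW = {
    "name": "constructed-sample",
    "nodes": [
        {"name": "Webhook", "type": "n8n-nodes-base.webhook",
         "parameters": {"path": "orders", "httpMethod": "POST"}},
        {"name": "Call API", "type": "n8n-nodes-base.httpRequest",
         "parameters": {"url": "https://api.example.com/v1/orders", "sendHeaders": True,
                        "headerParameters": {"parameters": [
                            {"name": "Authorization",
                             "value": "Bearer sk_live_constructed_0123456789abcdef"}]}}},
        {"name": "Internal API", "type": "n8n-nodes-base.httpRequest",
         "parameters": {"url": "https://internal.example/api",
                        "queryParameters": {"parameters": [
                            {"name": "api_key", "value": "c0nstructed-literal-key"}]}}},
        {"name": "S3", "type": "n8n-nodes-base.awsS3",
         "parameters": {"accessKeyId": "AKIAIOSFODNN7EXAMPLE",
                        "secretAccessKey": "={{ $credentials.aws.secretAccessKey }}"}},
        {"name": "Slack", "type": "n8n-nodes-base.slack",
         "parameters": {"token": "={{ $env.SLACK_TOKEN }}", "channel": "#ops"}},
    ],
}

if __name__ == "__main__":
    results = scan_workflow_json(json.dumps(SAMPLE_WORKFLOW))
    for f in results:
        print(f"[{f.severity.upper()}] {f.rule} at {f.location}: {f.message}")
    print(summarize(results))
```

Run against the constructed export, the scanner reports the unauthenticated Webhook node, the bearer token in the HTTP Request header, the literal `api_key` query parameter and the AWS access key, while the S3 secret and the Slack token pass because they are supplied through expressions. In a CI gate the exit status would be driven by `summarize()` (for example, any `high` finding fails the build), which is the shape of check the skill describes for keeping secrets out of version control.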

Repository Stats

Stars: 329
Forks: 65
Open Issues: 4
Language: TypeScript
Default Branch: main
Last Synced: Apr 29, 2026, 08:59 AM